package middleware

import (
	"github.com/gin-gonic/gin"
	"net/http"
	"server/pkg/response"
	"server/pkg/utils"
)

func Cors() gin.HandlerFunc {
	return func(context *gin.Context) {
		method := context.Request.Method
		context.Header("Access-Control-Allow-Origin", "*")
		context.Header("Access-Control-Allow-Headers", "Content-Type,AccessToken,X-CSRF-Token, Authorization, Token,X-Requested-With,XMLHttpRequest")
		context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
		context.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, Token ,token")
		context.Header("Access-Control-Allow-Credentials", "true")
		if method == "OPTIONS" {
			context.AbortWithStatus(http.StatusOK)
		}
		context.Next()
	}
}

func UserMiddleWare() gin.HandlerFunc {
	return func(c *gin.Context) {
		// token
		token := c.GetHeader("token")
		var userInfo utils.UserAuthToken
		err := utils.DecodeToken(token, &userInfo)
		if err != nil {
			response.NoAuth(c)
			c.Abort()
			return
		}

		if userInfo.RoleType != "user" {
			response.NoAuth(c)
			c.Abort()
			return
		}

		c.Set("role_id", userInfo.RoleId)
		c.Set("role_type", userInfo.RoleType)
		c.Next()
	}
}
